/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PublicSymptom
- Does the Mobile app have inactivity timeout settings?
- How to set session timeout on Mobile App?
- What is the difference between Mobile App Session Timeout and Reauthentication Duration?
- How to set the number of days after the last authentication when users will be prompted to authenticate again?
Environment
SAP SuccessFactors HCM Suite
Resolution
The Mobile App Password configuration enhances security by requiring users to create a unique password for each mobile device. The Mobile App Session Timeout setting, located under the Mobile App Password configuration, determines how long the application can remain idle before the session expires. When this option is enabled, the session automatically times out after the specified idle period. To resume activity, users must re-enter their Mobile App Password.
To configure the Mobile App Session Timeout setting:
- Admin Center
- Enable Mobile Features tool
- Mobile Specific tab
- Under Mobile Security, search for Mobile App Password
Note: The Mobile App Password feature must be enabled before the session timeout setting can be configured - Click on the gear icon on the right side of Mobile App Password
- Enable the Mobile App Session Timeout option, then set the desired expiration time (between 30 seconds and 5 minutes)
Reference: Device Management and Limitations:
Does the Mobile app have inactivity timeout settings?
Yes. You can configure how long the app can be idle before the session times out, using the Mobile App Session Timeout setting. To do that, go to Admin Center Enable Mobile Features Mobile App Password and select Mobile App Session Timeout. Then choose from the available expiration times.
The Require Authentication setting is mandatory and cannot be disabled. While the Mobile App Password provides an additional security layer at the device level, the Require Reauthentication setting is related to the authentication process (for example, via IAS). Once users are authenticated, they are not required to authenticate again unless they log out or the configured reauthentication period expires.
All mobile users are required to periodically reauthenticate their Mobile Profile. By default, the Reauthentication Duration is set to 180 days. This setting defines the number of days after the last authentication when users will be prompted to authenticate again.
To configure the Reauthentication Duration setting:
- Admin Center
- Enable Mobile Features tool
- Mobile Specific tab
- Under Mobile Security, search for Require Reauthentication
- Click on the gear icon on the right side of Require Reauthentication
- Set the desired Reauthentication Duration time (in days)
See Also
- SAP Help Configuring Mobile App Password
- SAP Help Mobile Security Guide
- SAP Help Mobile Security Guide - Frequently Asked Questions
- KBA 2088893 - How to define the Session timeout period and timeout warning period for SuccessFactors Platform
Keywords
Mobile App, Session Timeout, Mobile App Password, Mobile App session timeout, mobile settings, MOB, inactivity, Reauthentication Duration, Require Authentication, Authentication, IAS , KBA , LOD-SF-PLT-MOB , Mobile Issues , How To
/support/notes/service/facebook.svg)
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)